Skip to content

AMM-1456 fix: cookie name #204

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
drtechie merged 1 commit into from
May 23, 2025
Merged

AMM-1456 fix: cookie name #204

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion src/main/java/com/iemr/common/controller/users/IEMRAdminController.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -496,7 +496,7 @@ public String getLoginResponse(HttpServletRequest request) {
Cookie[] cookies = request.getCookies();
if (cookies != null) {
for (Cookie cookie : cookies) {
if ("jwtToken".equals(cookie.getName())) {
if ("Jwttoken".equalsIgnoreCase(cookie.getName())) {
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai Bot May 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Verification agent

🧩 Analysis chain

Good fix for case-sensitivity, but verify cookie name consistency.

The change to use equalsIgnoreCase() is a good practice for robust cookie handling. However, please ensure that the cookie name "Jwttoken" exactly matches how the cookie is set elsewhere in the application.

Let me verify the cookie naming consistency across the codebase:

🏁 Script executed:

#!/bin/bash
# Description: Check for JWT cookie naming patterns to ensure consistency

# Search for cookie setting operations
echo "=== Cookie Setting Operations ==="
rg -A 3 -B 3 "addJwtTokenToCookie|setCookie|addCookie" --type java

# Search for JWT token cookie references
echo "=== JWT Token Cookie References ==="
rg -A 2 -B 2 "jwtToken|Jwttoken|JWT.*[Cc]ookie" --type java

# Search in CookieUtil to see how the cookie is actually named
echo "=== CookieUtil Implementation ==="
fd "CookieUtil" --type f --extension java --exec cat {}

Length of output: 17692

Approve case‐insensitive cookie comparison; cookie name is consistent.

All JWT cookies are consistently named "Jwttoken" when set and read. To eliminate duplicated lookup logic, please refactor the manual loops to use the existing utility method:

• src/main/java/com/iemr/common/controller/users/IEMRAdminController.java
– Line 499 in getLoginResponse (manual cookie loop)
– getJwtTokenFromCookie endpoint (around line 1095)
• src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java
– Cookie lookup block using equalsIgnoreCase("Jwttoken")

Replace each manual loop with a call to CookieUtil.getJwtTokenFromCookie(request) for better DRY and consistency.

🤖 Prompt for AI Agents 
In src/main/java/com/iemr/common/controller/users/IEMRAdminController.java at
line 499, the manual loop checking for the "Jwttoken" cookie using
equalsIgnoreCase should be refactored to use the existing utility method
CookieUtil.getJwtTokenFromCookie(request). This change will remove duplicated
cookie lookup logic, improve code consistency, and adhere to DRY principles.
Locate all manual cookie loops for JWT token retrieval in this file and in
JwtUserIdValidationFilter.java and replace them with calls to
CookieUtil.getJwtTokenFromCookie(request).

jwtToken = cookie.getValue();
break;
}
Expand Down
Loading